Lucene search
K

7 matches found

OSV
OSV
added 2026/05/04 6:30 p.m.2 views

GHSA-659W-93R5-9J6M Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: Before 2.5.9 Before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...

7.5CVSS5.9AI score0.00627EPSS
Exploits0References4
OSV
OSV
added 2026/05/04 5:16 p.m.5 views

DEBIAN-CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

7.5CVSS5.9AI score0.00627EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:40 p.m.4 views

CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

7.5CVSS5.8AI score0.00627EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/04 4:40 p.m.8 views

CVE-2026-42440 Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

5.8AI score0.00627EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values...

7.5CVSS8.6AI score0.03075EPSS
Exploits0References3
OSV
OSV
added 2018/09/12 1:29 a.m.1 views

DEBIAN-CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values...

7.5CVSS7.1AI score0.03075EPSS
Exploits0References1
OSV
OSV
added 2018/09/12 1:29 a.m.3 views

UBUNTU-CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values...

7.5CVSS7.2AI score0.03075EPSS
Exploits0References3
Rows per page
Query Builder